In today’s dynamic business landscape, safeguarding organisations against the insider threat is paramount. With the evolving nature of dishonest conduct and the potential ramifications it poses, HR directors must remain vigilant and proactive in identifying and mitigating such risks.

It is clear too, that organisations are growing increasingly concerned about the threat of employees committing dishonest acts against their organisation. Having surveyed 500 key decision-makers at large UK corporates with 1,000-strong workforces, indeed 54% of respondents feared their staff would be targeted, with the danger of divulging sensitive information to fraudsters in exchange for cash.

While there is not necessarily one profile that fits with what an ‘insider threat’ may look, sound or act like, there are tell-tale signs that HR directors and their organisations can recognise to help mitigate their impact at the earliest opportunity, protect workforces, and support employees before they veer down a dishonest path.

Behavioural red flags to look out for

Some employees committing dishonest conduct against their organisation might often seem reluctant to take time off work for fear their activity could be uncovered while they’re away. Meanwhile, other red flags include:

• Accessing systems that aren’t part of their job roles.
• Living beyond their means.
• Signs of addictions such as drugs, alcohol, shopping or gambling.
• Sharing passwords.
• Taking computer screenshots or documenting confidential information.
• Disgruntled employees.
• A reluctance to adhere to dual controls.
• Financial struggles.

Organisations are advised to stay alert to any unusual activity patterns by monitoring for irregularities in systems access, financial transactions, or information sharing, as well as recognising when employees might be exhibiting lifestyles incongruent with their salaries.

How to mitigate the insider threat

While the insider threat and subsequent risks are bespoke to each business, and dependent on the types of controls in place, there are ways employers and their HR functions can better protect workplaces. These include:

• Identify where any weaknesses are within the organisation and rectify these by implementing sufficient controls. For example, pre-employment vetting checks can flag anything suspicious with applicants or new recruits. Additionally, managing who has access to sensitive documents can avoid confidential information getting into the wrong hands.
• Speed is of the essence when remedying any potential pitfalls. It’s also crucial to be quick when addressing any gaps that may have arisen/or could take place following organisational changes such as switching from office-based to remote working operations. Throughout, businesses should conduct regular risk assessments to ensure vulnerabilities are consistently improved.
• Operate a policy which means all employees are aware the organisation will not tolerate dishonesty and that suspected instances of fraudulent conduct will be thoroughly investigated, with appropriate action taken. Additionally, introducing ways that enable individuals to raise any concerns confidentially, such as a whistleblowing service, is recommended.
• Remember, it isn’t only cash that is valuable. Equipment – such as laptops and phones – can be sold via online marketplaces. Theft against employers remains a huge concern for many organisations. Implementing security controls such as multifactor authentication, facial recognition and the ability for IT departments to remotely wipe devices when required, can provide another layer of protection and make it difficult for criminals to profit.

How to protect workforces from insider threats

Providing specialist training, education and awareness for staff not only broadens their knowledge about what an insider threat is, but it fosters a culture of reporting suspicious activity confidentially. Other ways HR directors and their organisations can protect staff members include:

• Ensuring that colleagues are aware of the importance of locking equipment when unattended and that they never share passwords.
• Undertaking regular auditing, including spot checks to detect anomalies and deter misconduct.
• Operating controls such as a Minimum Mandatory Leave policy. If employees are not around to ‘cover their tracks’, such controls can help identify dishonest activity at an earlier stage.
• Thoroughly vetting all employees regardless of role and throughout their entire employee lifecycle. For example, at the end of probation, changing job roles, and annually thereafter.

Interestingly, data shows that although 38% of employees* for dishonest conduct against their employer in 2023 had been in position less than a year (up from 21% in 2022), 17% of the individuals filed had been employed for more than 10 years in their organisation. Therefore, regular monitoring is critical and exploring options, such as the Senior Managers and Certification Regime, can help reduce harm and make individuals more accountable for their conduct. In addition, consideration should be given to non-regulated employees, with checks implemented annually.

How to support employees before they become an insider threat

It is also important that HR directors and employers recognise that circumstances change for individuals and to always be aware of the macroeconomic effects that might impact colleagues – such as the cost-of-living crisis and rising inflation. The reason being, many employees who might not have been dishonest previously, may feel they have no other option but to take from their employer to pay bills or repay debts.

Meanwhile, other insider threats often justify their actions by saying they will ‘pay back the money’ or ‘it’s just a one-off’. For some, funding their out-of-control addictions can often be a critical driver as to why they have committed dishonest conduct.

Dishonest actions remain wide-ranging and far-reaching, however, there are three key areas to consider so organisations can be better prepared for when an insider threat might occur. These being:

1. What opportunity does an individual have to become an insider threat?
2. What could be their motivation to take from their employer?
3. How may they rationalise their dishonest behaviour?

Understanding the ‘fraud triangle’ in more detail can influence organisations to put effective measures in place that ultimately support employees and deter dishonest conduct. For example:

• Offer resources for financial wellbeing and emotional health, including addiction support and counselling services.
• Create a confidential whistleblowing service so that employees have a way to report their concerns without fear of reprisal.
• Tailor support and recognise each employee’s circumstance, needs and challenges are different.
• Promote a culture of transparency and inclusivity where employees can speak up and ask for the appropriate support to address their individual requirements.
• Educate workforces through effective training that helps them understand what constitutes as dishonest conduct and its dangers.

By implementing these strategies, HR directors and their organisations can better protect their workforces against insider threats, foster a resilient workforce, and uphold integrity and trust across all levels of the business.

*Cifas Insider Threat Database